On Tuesday July 6, 2021, Microsoft issued CVE-2021-34527 regarding a Windows Print Spooler vulnerability. Updates were released on July 6 and 7 which addressed the vulnerability for all supported Windows versions. We encourage customers to update as soon as possible. CVE-2021-34527 - Windows Print Spooler Remote Code Execution Vulnerability. Following the out of band release (OOB) we investigated claims regarding the effectiveness of the security update and questions around the suggested mitigations.

nessus 12

mskb 20

githubexploit 30

msrc 7

threatpost 7

ics 4

checkpoint_advisories 1

krebs 2

kaspersky 2

kitploit 2

cisa 4

thn 10

hivepro 3

cisa_kev 1

attackerkb 3

mscve 2

talosblog 2

malwarebytes 5

pentestpartners 1

rapid7blog 8

metasploit 1

securelist 5

cert 1

cve 1

packetstorm 1

prion 1

qualysblog 9

trellix 2

avleonov 2

nessus

KB5004946: Windows 10 1909 OOB Security Update RCE (July 2021)

2021-07-08 00:00:00

KB5004959: Windows Server 2008 OOB Security Update RCE (July 2021)

2021-07-08 00:00:00

KB5004960: Windows Server 2012 OOB Security Update RCE (July 2021)

2021-07-08 00:00:00

mskb

July 6, 2021—KB5004953 (Monthly Rollup) Out-of-band

2021-07-01 07:00:00

July 6, 2021—KB5004950 (OS Build 10240.18969) Out-of-band - EXPIRED

2021-07-01 07:00:00

July 6, 2021—KB5004946 (OS Build 18363.1646) Out-of-band

2021-07-02 00:00:00

githubexploit

Exploit for Improper Privilege Management in Microsoft

2021-07-09 09:22:03

Exploit for Improper Privilege Management in Microsoft

2023-04-07 20:14:31

Exploit for Improper Privilege Management in Microsoft

2022-06-24 13:25:25

msrc

Out-of-Band (OOB) Security Update available for CVE-2021-34527

2021-07-06 23:36:00

Clarified Guidance for CVE-2021-34527 Windows Print Spooler Vulnerability

2021-07-09 01:00:42

Windows Print Spooler の脆弱性情報 (CVE-2021-34527) に対するセキュリティ更新プログラムの定例外での公開

2021-07-06 07:00:00

threatpost

TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates

2021-10-15 18:05:29

Microsoft Releases Emergency Patch for PrintNightmare Bugs

2021-07-07 10:55:02

CISA Offers New Mitigation for PrintNightmare Bug

2021-07-02 12:21:02

ics

Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability

2022-05-02 12:00:00

#StopRansomware: Vice Society

2022-09-08 12:00:00

#StopRansomware: Vice Society

2022-09-08 12:00:00

checkpoint_advisories

Windows Print Spooler Remote Code Execution (CVE-2021-34527)

2021-07-08 00:00:00

krebs

Microsoft Issues Emergency Patch for Windows Flaw

2021-07-07 14:34:59

Microsoft Patch Tuesday, July 2021 Edition

2021-07-13 21:41:47

kaspersky

KLA12213 RCE vulnerability in Microsoft Windows

2021-07-01 00:00:00

KLA12214 RCE vulnerability in Microsoft Products (ESU)

2021-07-01 00:00:00

kitploit

Invoke-PSObfuscation - An In-Depth Approach To Obfuscating The Individual Components Of A PowerShell Payload Whether You'Re On Windows Or Kali Linux

2023-03-21 11:30:00

SpoolSploit - A Collection Of Windows Print Spooler Exploits Containerized With Other Utilities For Practical Exploitation

2021-10-07 11:30:00

cisa

Russian State-Sponsored Cyber Actors Access Network Misconfigured with Default MFA Protocols

2022-03-15 00:00:00

CISA Issues Emergency Directive on Microsoft Windows Print Spooler

2021-07-13 00:00:00

Microsoft Releases Out-of-Band Security Updates for PrintNightmare

2021-07-06 00:00:00

thn

FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug

2022-03-16 13:29:00

How to Mitigate Microsoft Print Spooler Vulnerability – PrintNightmare

2021-07-08 09:32:00

Researchers Share Techniques to Uncover Anonymized Ransomware Sites on Dark Web

2022-07-05 07:06:00

hivepro

Russian threat actors leveraging misconfigured multifactor authentication to exploit PrintNightmare vulnerability

2022-03-18 13:58:03

Emergency patches have been released by Microsoft for PrintNightmare

2021-07-08 13:50:55

Are you a victim of the Conti Ransomware?

2021-09-23 13:47:51

cisa_kev

Microsoft Windows Print Spooler Remote Code Execution Vulnerability

2021-11-03 00:00:00

attackerkb

CVE-2021-35211

2021-07-13 00:00:00

CVE-2021-34527 "PrintNightmare"

2021-07-02 00:00:00

CVE-2021-1675

2021-06-08 00:00:00

mscve

Windows Print Spooler Remote Code Execution Vulnerability

2021-06-08 07:00:00

Windows Print Spooler Remote Code Execution Vulnerability

2021-07-01 07:00:00

talosblog

PrintNightmare: Here’s what you need to know and Talos’ coverage

2021-07-08 13:25:03

Vice Society Leverages PrintNightmare In Ransomware Attacks

2021-08-12 16:16:46

malwarebytes

PrintNightmare 0-day can be used to take over Windows domain controllers

2021-07-01 14:08:26

UPDATED: Patch now! Emergency fix for PrintNightmare released by Microsoft

2021-07-07 14:17:31

Microsoft’s PrintNightmare continues, shrugs off Patch Tuesday fixes

2021-08-12 11:30:26

pentestpartners

Black Basta ransomware

2023-06-28 05:11:34

rapid7blog

Russia-Ukraine Cybersecurity Updates

2022-03-04 14:30:00

Metasploit Wrap-up

2021-07-09 17:53:41

CVE-2021-34527 (PrintNightmare): What You Need to Know

2021-06-30 18:15:59

metasploit

Print Spooler Remote DLL Injection

2022-05-16 18:56:46

securelist

Kaspersky Managed Detection and Response: interesting cases

2021-12-15 10:00:42

Quick look at CVE-2021-1675 & CVE-2021-34527 (aka PrintNightmare)

2021-07-08 05:00:06

IT threat evolution Q3 2021

2021-11-26 12:00:36

cert

Microsoft Windows Print Spooler allows for RCE via AddPrinterDriverEx()

2021-06-30 00:00:00

cve

CVE-2021-34527

2021-07-02 22:15:00

packetstorm

Print Spooler Remote DLL Injection

2022-05-25 00:00:00

prion

Remote code execution

2021-07-02 22:15:00

qualysblog

Microsoft Windows Print Spooler RCE Vulnerability (PrintNightmare-CVE-2021-34527) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR®

2021-07-07 23:30:23

Conti Ransomware

2021-11-18 17:17:56

Ransomware Insights from the FBI’s 2021 Internet Crime Report

2022-05-04 09:40:56

trellix

Beyond Memory Corruption Vulnerabilities – A Security Extinction and Future of Exploitation

2022-01-24 00:00:00

Beyond Memory Corruption Vulnerabilities – A Security Extinction and Future of Exploitation

2022-01-24 00:00:00

avleonov

Last Week’s Security news: PrintNightmare, Kaseya, Intune, Metasploit Docker escape

2021-07-05 15:19:07

Last Week’s Security news: PrintNightmare patches and Metasploit, Kaseya CVEs, Morgan Stanley Accellion FTA, Cisco BPA and WSA, Philips Vue PACS, CISA RVAs, Lazarus job offers

2021-07-11 20:52:51

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.971 High

EPSS

Percentile

99.6%

JSON

Related for MSRC:D3EB0B723121A9028F60C06787605F29